[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
FW: passwd extop backend selection (ITS#2851)
I believe we ought to change the passwd extop function to execute mainly in
the frontend. The only thing that is needed is to retrieve the entry, create
the hashes, and then issue a modify on the backend. This would eliminate some
redundancy in the backends...
-- Howard Chu
Chief Architect, Symas Corp. Director, Highland Sun
http://www.symas.com http://highlandsun.com/hyc
Symas: Premier OpenSource Development and Support
-----Original Message-----
From: owner-openldap-bugs@OpenLDAP.org
[mailto:owner-openldap-bugs@OpenLDAP.org]On Behalf Of ando@sys-net.it
Sent: Sunday, November 30, 2003 10:48 PM
To: openldap-its@OpenLDAP.org
Subject: passwd extop backend selection (ITS#2851)
Full_Name: Pierangelo Masarati
Version: HEAD
OS: Linux RH
URL: http://www.sys-net.it/~ando/Download/slap-passwd-extop-2003-11-30.patch
Submission from: (NULL) (81.72.89.40)
Submitted by: ando
passwd_extop() in servers/slapd/passwd.c uses op->o_conn->c_authz_backend
(the authorizing backend) to operate the password change. This patch uses
the ID field in reqdata, if any, to select the appropriate backend, in
view of using passwd_extop across backends in glued backend pools.
Any drawback or security issue?
Ando.